![Page 1: Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile](https://reader035.vdocuments.us/reader035/viewer/2022062515/56649c9a5503460f94956e96/html5/thumbnails/1.jpg)
Introduction To The Course Network Architecture
Hervey Allen, Chris Evans, Phil Regnauld
September 3 - 4, 2009, Santiago, Chile
Overview
• Course Architecture Diagram
• Introducing Your “ccTLD”
• How to Connect to Your Network
• Practice Exercises
2
Course Architecture
• This architecture was designed to give each group of students a sample “registry” to secure, operate, and defend
• Each group of two students will be assigned one registry network.
• Each group will have a separate registry consisting of a Cisco Router, Name Server, and Network Operations Center server at a minimum
• Other servers and routers exist on the network to simulate an “Internet connected” registry and support course delivery
• All student “servers” are virtualized!
3
Course Architecture
• Connectivity
– Each “ccTLD” is separated from the network by a gateway router – which is under YOUR control
– Each “ccTLD” connects to the same “ISP” router which provides live Internet access (except during attack scenarios) and inter-connectivity
– The ISP router also connects the instructor management servers and attack boxes
– The Core Router provides Internet access and connects you to the ISP and your “ccTLD”
4
Course Architecture
• DNS Architecture
– A “Root” name server is set up on 192.168.128.20 which provides delegations to the ccTLD networks and to regular TLDs when connected live.
– An “ISP” name server provides recursive services for _everyone_ on the network
– Each “ccTLD” has an authoritative name server for their own networks (e.g. .TLD1)
5
Root (.)
.MGMT .TLD1 .TLD2 … .TLD8
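The delegation chain described on this slide, as an added example in shell (not part of the course slides or the course wiki): a generator for the records the lab root would carry to delegate .TLD1 through .TLD8 to each group's authoritative server, and a check that walks root, authoritative server and the ISP recursive resolver the way a resolver does. The root address 192.168.128.20 and the per-group authoritative server address 192.168.10X.10 come from the slides. The name server names (ns.tldX.), the root server's own name (root.lab.) and the SOA contents are assumptions; the ISP recursive resolver's address is not on the slides, so it is passed as an argument, and .MGMT is left out because its name server address is not given either.

```shell
#!/bin/sh
# Added example, not part of the course slides or wiki. Shows what the lab
# root on 192.168.128.20 must carry to delegate .TLD1 ... .TLD8 to each group's
# authoritative server (192.168.10X.10, slide 31), and how to verify the chain.
# Assumed, because the slides do not say: the delegated servers are named
# ns.tldX., the root server calls itself root.lab., and the ISP recursive
# resolver's address is supplied by the caller. .MGMT is left out for the
# same reason (its name server address is not on the slides).

# One NS record per ccTLD plus an A "glue" record. Glue is essential here:
# ns.tld3. lives inside tld3., so a resolver that has only the NS name has
# nowhere to go unless the parent hands out the address as well.
lab_root_delegations() {
    x=1
    while [ "$x" -le 8 ]; do
        printf 'tld%s.\t\tIN NS\tns.tld%s.\n' "$x" "$x"
        printf 'ns.tld%s.\tIN A\t192.168.10%s.10\n' "$x" "$x"
        x=$((x + 1))
    done
}

# A complete root zone file for the lab: SOA, the root's own NS and address,
# then the delegations. Load it in BIND as zone "." type master.
lab_root_zone() {
    cat <<'EOF'
$TTL 3600
.           IN SOA  root.lab. hostmaster.root.lab. ( 2009090301 3600 900 604800 3600 )
.           IN NS   root.lab.
root.lab.   IN A    192.168.128.20
EOF
    lab_root_delegations
}

# Walk the chain for group X the way a resolver does. Each step asks one
# server directly (+norecurse) so a failure points at the server that owns it.
check_delegation() {
    x=$1; resolver=$2
    root=192.168.128.20
    auth="192.168.10$x.10"
    # 1. Does the root hand out the NS (and glue) for tldX. without recursing?
    dig +norecurse @"$root" "tld$x." NS | grep -q "ns\.tld$x\." \
        || { echo "root does not delegate tld$x." >&2; return 1; }
    # 2. Does the group's server answer with the aa (authoritative) flag set?
    dig +norecurse @"$auth" "tld$x." SOA | grep -q 'flags:.* aa[ ;]' \
        || { echo "$auth is not authoritative for tld$x." >&2; return 1; }
    # 3. End to end through the shared ISP recursive resolver.
    [ -n "$(dig +short @"$resolver" "tld$x." SOA)" ] \
        || { echo "resolver $resolver cannot resolve tld$x." >&2; return 1; }
    echo "tld$x. delegation OK"
}

# Usage: sh lab_dns.sh zone               (print the zone file)
#        sh lab_dns.sh check 3 RESOLVER   (verify group 3 from inside the lab)
case ${1:-} in
    zone)  lab_root_zone ;;
    check) check_delegation "$2" "$3" ;;
esac
```

The check is deliberately three separate direct queries rather than one `dig +trace`: when a ccTLD stops resolving during an attack scenario, the step that fails tells you whether the root, your own authoritative server or the shared recursive resolver is the one that was hit.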
Course Architecture
• Core Services
– Course Support Server: 192.168.75.20
– NTP: 192.168.128.5
6
Course Architecture
7
Slides 7 to 18 are diagrams of the course network and are not reproduced in this transcript. Their captions, in order:
• Slide 7: (diagram only, no caption)
• Slide 8: YOU ARE HERE!
• Slide 9: A “ccTLD” Network
• Slide 10: The Core Router
• Slide 11: The “ISP” Router
• Slide 12: The Management Network
• Slide 13: Your Laptop Internet Access
• Slide 14: ccTLD Internet Connectivity
• Slide 15: Backchannel Connection to ccTLD / ISP Router
• Slide 16: “External Monitoring”
• Slide 17: “Attack” Path
• Slide 18: Here’s YOUR ccTLD Network
Introducing Your “ccTLD”
19
A “Cheat Sheet” is Available on the Wiki
Slides 19 to 25 step through the network diagram, highlighting one component at a time:
• Recursive NameServer
• Root NameServer
• ISP Router
• Your Router
• Your Auth NameServer
• Your NOC
• Your “Office” Workstation
Connecting to Your “ccTLD”
26
This is Great But, How Do I Use It?!
Connecting to Your “ccTLD”
• A Word on Programs
– SSH (Secure Shell) is the primary connection protocol used in this network. You must provide a username AND an identity key to login
– You can use any ssh client you are familiar with, but we have PuTTY available for Windows users
– To view web pages on your network (e.g. network monitoring from your NOC), use any browser you are comfortable with
– To view GUI programs on your network (e.g. wireshark, a packet capture program), you must redirect X11 output via an SSH connection
• On Windows, this requires an X11 server; we suggest Xming
• On Linux, it’s easy, use the -X option with ssh
• Download links for PuTTY, Xming, and identity keys are available on the wiki…
27
Connecting to Your “ccTLD”
• Connecting to Your Router
– SSH as ‘tldadmin’ user to 192.168.10X.1
– Password: tldadmin!
– Enable Password: tldadmin!
• Example: ssh tldadmin@192.168.10X.1
28
Remember - A “Cheat Sheet” is Available on the Wiki
X – your group number, 1-8
Connecting to Your “ccTLD”
• Connecting to Your Router with PuTTY
– IP Address: 192.168.101.1
– Click “Open”
29
X – your group number, 1-8
Connecting to Your “ccTLD”
• Connecting to Your Router with PuTTY
– You will be doing this a lot! Save connection information as a Session!
– IP Address: 192.168.101.1
– Session Name: TLD-Router
– Click “Save”
30
X – your group number, 1-8
Connecting to Your “ccTLD”
• Connecting to Your Nameserver
– SSH as ‘tldadmin’, with tldadmin identity key to 192.168.10X.10
– Password: tldadmin!
• Example: ssh -i tldadmin tldadmin@192.168.10X.10
31
Remember - A “Cheat Sheet” is Available on the Wiki
X – your group number, 1-8
Connecting to Your “ccTLD”
• Connecting to Your Nameserver with PuTTY
– IP Address: 192.168.10X.10
– Enter “TLD-NS1” in Saved Sessions Box
32
X – your group number, 1-8
Connecting to Your “ccTLD”
• Connecting to Your Nameserver with PuTTY
– Click Connection -> SSH -> Auth
– Identity File: Path to tldadmin.ppk
33
Connecting to Your “ccTLD”
• Connecting to Your Nameserver with PuTTY
– Click Connection -> SSH -> X11
– Check “Enable X11 Forwarding”
– Put Your Laptop IP Address Here
• e.g. 192.168.75.101
34
Connecting to Your “ccTLD”
• Connecting to Your Nameserver with PuTTY
– Click Connection -> Data
– Enter ‘tldadmin’ for Auto-login username
35
Connecting to Your “ccTLD”
• Connecting to Your Nameserver with PuTTY
– Click Session
– Click “Save”
36
Connecting to Your “ccTLD”
• Connecting to Your Nameserver with PuTTY
– Double Click the Session Name to Connect!
37
Connecting to Your “ccTLD”
• Connecting to Your NOC
– SSH as ‘tldadmin’, with tldadmin identity key to 192.168.10X.30
– Password: tldadmin!
• Example: ssh -i tldadmin tldadmin@192.168.10X.30
38
Remember - A “Cheat Sheet” is Available on the Wiki
X – your group number, 1-8
Connecting to Your “ccTLD”
• Connecting to Your NOC with PuTTY
– IP Address: 192.168.10X.30
– Enter “TLD-NOC” in Saved Sessions Box
39
X – your group number, 1-8
Connecting to Your “ccTLD”
• Connecting to Your NOC with PuTTY
– Click Connection -> SSH -> Auth
– Identity File: Path to tldadmin.ppk
40
Connecting to Your “ccTLD”
• Connecting to Your NOC with PuTTY
– Click Connection -> SSH -> X11
– Check “Enable X11 Forwarding”
– Put Your Laptop IP Address Here
• e.g. 192.168.75.101
41
Connecting to Your “ccTLD”
• Connecting to Your NOC with PuTTY
– Click Connection -> Data
– Enter ‘tldadmin’ for Auto-login username
42
Connecting to Your “ccTLD”
• Connecting to Your NOC with PuTTY
– Click Session
– Click “Save”
43
Connecting to Your “ccTLD”
• Connecting to Your NOC with PuTTY
– Double Click the Session Name to Connect!
44
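The connection procedure on slides 27 to 44, collapsed into one script as an added example (not from the course slides or the cheat sheet on the wiki): the same three connections written as ssh_config Host stanzas for OpenSSH users, so they are saved once the way the PuTTY sessions are, plus the private-key permission check that explains the most common "it asks me for a password" surprise. Addresses, usernames, the key-versus-password split and the group range 1-8 come from the slides; the key location ~/.ssh/tldadmin and the alias names TLD-Router, TLD-NS1 and TLD-NOC are assumptions (the aliases mirror the PuTTY session names).

```shell
#!/bin/sh
# Added example, not from the course slides or wiki. Turns the addressing
# scheme on slides 28-44 into reusable ssh_config stanzas for group X.
# From the slides: router 192.168.10X.1 (password login as tldadmin),
# name server 192.168.10X.10 and NOC 192.168.10X.30 (login as tldadmin with
# the tldadmin identity key), X = group number 1-8. Assumed: the key is
# saved at ~/.ssh/tldadmin and the aliases match the PuTTY session names.

# Map (group, role) to an address. A bad group or role fails loudly so a
# typo cannot quietly land you in another group's registry (see ground rules).
tld_ip() {
    group=$1; role=$2
    case $group in
        [1-8]) ;;
        *) echo "group must be 1-8, got '$group'" >&2; return 1 ;;
    esac
    case $role in
        router) echo "192.168.10$group.1" ;;
        ns)     echo "192.168.10$group.10" ;;
        noc)    echo "192.168.10$group.30" ;;
        *)      echo "role must be router, ns or noc, got '$role'" >&2; return 1 ;;
    esac
}

# Emit ssh_config(5) Host stanzas; append them to ~/.ssh/config and then
# "ssh TLD-NS1" does what "ssh -i tldadmin tldadmin@192.168.10X.10" did.
tld_ssh_config() {
    group=$1
    key=${2:-$HOME/.ssh/tldadmin}   # assumed key location
    for role in router ns noc; do
        ip=$(tld_ip "$group" "$role") || return 1
        case $role in
            router) name=TLD-Router ;;
            ns)     name=TLD-NS1 ;;
            noc)    name=TLD-NOC ;;
        esac
        echo "Host $name"
        echo "    HostName $ip"
        echo "    User tldadmin"
        if [ "$role" != router ]; then
            # The servers take the shared identity key; the router takes a
            # password, so it gets no key stanza.
            echo "    IdentityFile $key"
            echo "    IdentitiesOnly yes"
            # Untrusted forwarding (ssh -X) is enough to run wireshark and
            # keeps the remote side from driving your local X server; -Y /
            # "ForwardX11Trusted yes" hands it that access.
            echo "    ForwardX11 yes"
            echo "    ForwardX11Trusted no"
        fi
        echo
    done
}

# OpenSSH refuses a private key readable by others ("UNPROTECTED PRIVATE KEY
# FILE") and falls back to asking for a password. Check the mode first.
tld_key_ok() {
    key=$1
    [ -f "$key" ] || { echo "missing key: $key" >&2; return 1; }
    mode=$(stat -c %a "$key" 2>/dev/null || stat -f %Lp "$key")
    case $mode in
        600|400) return 0 ;;
        *) echo "run: chmod 600 $key (mode is $mode)" >&2; return 1 ;;
    esac
}

# Usage: sh tld_ssh.sh 3 >> ~/.ssh/config
if [ "$#" -gt 0 ]; then
    tld_key_ok "${2:-$HOME/.ssh/tldadmin}" || exit 1
    tld_ssh_config "$1" "$2"
fi
```

One caveat on the X11 setting: Ubuntu (and Debian generally) ships /etc/ssh/ssh_config with ForwardX11Trusted yes, so a plain `ssh -X` there behaves like `-Y`; the stanza pins it to no, which is the same thing the PuTTY dialog on slide 34 does by default. If wireshark refuses to start under untrusted forwarding, use `ssh -Y TLD-NOC` for that one session rather than changing the config.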
Your “ccTLD” Cheat Sheet
• View Your Copy on the Course Wiki
• Usernames, Passwords, Keys, IPs, and sample command line instructions included
45
Your “ccTLD” Configuration
• Your Router has very minor security precautions, no ACLs, and only allows SSH
• Your NOC is a base installation of Ubuntu 8.10 Desktop with OpenSSH server
– We’ll be adding to this as we move through the course
• Your NS is a base installation of Ubuntu 8.10 Server with OpenSSH and BIND
– We may make BIND configuration changes as we go
46
Ground Rules
• Please respect other students’ registries – while you have the power to do so, do not change them!
• Please respect the underlying servers running VMware!
• Please don’t make any configuration changes except those presented in class – they may break attack scenarios!
• Please respect the course management servers, wiki and attack boxes – they are there to assist in course delivery!
• Do not conduct cyber attacks on other students or the instructors!
47
Practice Exercises
• View Exercises on Wiki
1. Login to your Nameserver by SSH
2. Login to your NOC by SSH
3. Run wireshark on your NOC with X11 Forwarding
** Be sure to save your SSH profiles to make connections easier – you’ll be doing a lot of this!
48
EX: Intro to Course Architecture
QUESTIONS ON YOUR “CCTLD”?
49